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Method of accessing data content in storage devices 



The present invention relates to methods of accessing data content in storage 
devices; in particular, but not exclusively, the present invention relates to a method of 
accessing data content in a storage device by way of multiple iBlaiames relating to mutually 
overlapping data content, for example using master files including associated sub-fOles 
5 therein wherein haOn the master files and their associated sub-files are individually 

addressable by way of their corresponding file names. Moreover, the invention also relates to 
apparatus arranged to utilize the aforementioned method, for example when accessing and/or 
executing data content 

10 

Data storage devices are known, for example magnetic and/oor optical disc 
drives. Such storage devices conventionally are accessed by an associated operating system, 
namely more specifically a file system implementation, for relating an item of data content 
stored on the device, for example in one or more sectors of an optical memory disc, to a 

IS corresponding filename. Such a filename is occasionally referred to as a key identifier, for 
example an "asset-ID". A filename conventionally relates to data content that can comprise a 
data field and/or a quantity of executable code. 

Conventionally, a one-to-one correspondence between a filename and its 
corresponding data content pertains. However, in a United States patent no. US 6, 434, 553, 

20 there is described a file pre-fetch control method including the steps of: 

(a) dividing a file into a plurality of potential files fiimished with a partial file 
name each; and 

(b) converting a request to access any one of the partial files using the 
corresponding partial file name into a request to access the entire file to which the requested 

25 partial fiile belongs, 

whereby the file as a whole is read out. The method described in that patent is of benefit in 
that when multiple files are pre-fetched in this manner, the throughput of the file system is 
enhanced, the number of access operations to a secondary memory utilized when 
implementing the method is reduced, and the wait time for access to partial fiOLes is shortened. 
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The inventor has appreciated that it is not only of benefit to provide for sub- 
file names relating to partial regions of a data content file as well as a filename relating to tiie 
entire data content file, but also of advantage to allow for tiie sub-fiDLe names to relate to 
overlapping data content Moreover, the inventor has appreciated that various advantages 
arise firom such overlapping association of sub-file names to data content because it is 
susceptible to preventing unauthorized data copying. 

A first object of the invention is to provide a data storage device susceptible to 
stxning data content in an arrangement which renders tiie content less suscqptible to hacking. 

A second object of tiie invention is to provide a data storage device which is 
capable of providing greater data content securily. 

A third object of the invention is to provide dififerent rights definitions for 
different parts of efifectively a same file. 

According to a first aspect of the present invention, there is provided a method 
of accessing and/or recording data content in a storage device, including the steps of: 

(a) arranging for the data content on a data storage medium of Ihe device to be a 
noaster file having an associated file name for identifying an address range for locating and 
subsequentiy accessing and/or recording said master file on the medium; 

(b) arranging for the master file to include substantially within its address range at 
least one sub-file having an associated file name for idmtifying an a<Uress range for locating 
and accessing and/or recording the sub-file on the medium; and 

(c) at least one of reading data content fix>m and writing data content to at least 
one of the master file and the at least one sub-file using their associated file names. 

The invention is capable of enhancing robustness of data content included in 
the master file &om hacking or other types of incursion. 

Preferably, in the method, there is a plurality of sub-files arranged to be 
mutually non-overlapping. Alternatively, preferably, there is a plurality of sub-files of which 
a sub-set thereof is arranged to be mutually overlapping. 

Preferably, in the method, at least a sub-set of the at least one sub-file is in 
encrypted form. More preferably, in the method, the device is operable to access in sequence 
the sub-set of the at least one sub-file in encrypted form using corresponding decryption 
access keys. Yet more preferably, in the method, the decryption keys are provided to the 
device firom data serving means via at least one authenticated communication channel. 
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Beneficially, fhe at least one authenticated communication channel is established between the 
device and said one or more remote data servers using private-public key enccyption. 

Preferably, in the method, the storage device is operable to establish said at 
least one authenticated channel with said data serving means for obtaining one or more 
5 decryption keys. 

Preferably, in the method, the device is arranged to destroy said at least one of 
the decryption keys received at the device after at least one o£ 

(a) apre-detecmined time duration after receipt of the at least one key at the 

device; and 

10 (b) substantially immediately after its corresponding sub-file has been deorypted 

within the device for executing Ifaereof . 

Preferably, in the method, the data storage medium is arranged to be 
detachable from tiie storage device. Such detachability allows for ftee-issue soflware to be 
used providing a firee basic level of usability and an enhanced level of usability accessible by 

1 5 way of payment enabling selective use of encrypted data content supplied on the detachable 
storage medium. More preferably, in the method, llie storage medium is a miniature optical 
data storage disc, more preferably a SFFO disc, also known as a Portable Blue (PB) disc. 

Thus, in the method, the data content is preferably arranged to coirespond to 
executable software code included within the master file, wherein tbe sub-files correspond to 

20 user-selectable options. More preferably, in the method, those sub-files included within the 
master file which are enciypted correspond to user-selectable soflware options accessible for 
execution to response to user-payment and/or other types of user consideration such as time 
to present advertisement to the user. 

Preferably, in the method, the storage device is included as a part of a mobile 

25 telephone apparatus couplable to a communication network. More preferably, the data 

content stored in the master file of the storage device is at least one of pre-recorded onto the 
storage medium and downloaded ftom said communication network. 

According to a second aspect of the present invention, there is provided a data 
storage device including a data storage medium arranged to bear data content thereon as a 

30 master file having an associated file name for identifying an address range for locating and 
subsequentiy accessing and/or recording said master file on the medium, the master file 
including substantially within its address range at least one sub-file having an associated file 
name for identifying an address range for locating and accessing and/or recording the sub-file 
on the medium, the device being arranged such that at least one of reading data content from 
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and writing data content to at least one of the master file and the at least one sub-file is 
&cilitated by using their associated file names. 

Preferably, in the device, a plurality of sub-files are arranged to be noiutually 
non-overlapping on the medium. Alternatively, or additionally, a plurality of sub-files are 
5 arranged so that a sub-set lliereof is arranged to be mutually overlapping. 

Preferably, in llie device, at least a sub-set of the at least one sub-file is in 
encr^ted form. More preferably, the device is arranged to be operable to access in sequence 
the sub-set of the at least one sub-file in encrypted finm using corresponding decryption 
access keys. Most prefisrably, the decryption ksys are arranged to be provided to the device 
10 fix>m data serving means via at least one authenticated communication channel Moreover, 
tiie at least one authenticated comrnunication channel is established between the device and 
said one or more remote data servers using private-public key enciyption. 

Preferably, the device is operable to establish said at least one authenticated 
channel with said data serving means for obtaining one or more decryption keys, 
1 5 For providing enhanced security and assisting to prevent hacking, the device is 

preferably arranged to destroy said at least one of the decryption keys received at the device 
after at least one of: 

(a) a pre-determined time duration after receipt of the at least one k^ at the 

device; and 

20 (b) substantially inomediately afler its corresponding sub-file has been decrypted 

within the device for executing thereof. 

Preferably, the data storage medium is arranged to be detachable fix)m the 
device. More preferably, the storage medium is a miniature optical data storage disc, more 
preferably a SFFO disc, for example as developed and/or produced by Philips N. V. 

25 Preferably, in the device, the data content is arranged to correspond to 

executable sofiware code included within the master file, wherein the sub-files correspond to 
user-selectable options. More preferably, those sub-files included within the master file 
which are encrypted correspond to user-selectable software options accessible for execution 
to response to user-payment and/or other form of user-consideration, for example e:?qposing 

30 the user to advertisement material. 

Preferably, the storage device is included as a part of a mobile telephone 
apparatus couplable to a communication network. More preferably, the data content stored in 
the master file of the device is at least one of pre-recorded onto the storage medium and 
downloaded firom said communication network. Most preferably, the storage medium is 
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susceptible to fiee distribution with us^-payable options included in sub-jSles in encrypted 
form. 

It will be appreciated that features of the invention are susceptible to being 
combined in any combination without departing from tiie scope of the invention. 

5 

Enibodiments of the invmtion will now be described^ by way of example only, 
with reference to llie diagrams, wherein: 

Fig. 1 is an iUustiBtionofa part ofa data carrier having recorded thereon a 
10 master file (MF) together with associated sub-files (SFl to SF6), some of the sub-files 

overlapping the master file (MF) and some of the sub-files also being arranged to mutually 
overlap; 

Fig. 2 is an illustration of a communication network corttprising a plurality of 
mobile telephones and conmxunication infirastructure, at least one of the telephones 
15 employing therein a recording arrangement for data as depicted in Fig. 1; and 

Fig. 3 is another illustration of the netv^ork in Fig. 2 in simplified presentation. 

In overview, the inventor has envisaged that, in a contemporary storage device 
20 such as an optical disc drive including a readable/writable optical-disc data-carrsdng medium 
comprising a plurality of data sectors, a data file corresponds to a collection of at least one of 
the sectors addressable by way of a single identifier known as a filename. Thus, the filename 
corresponds to a data asset in the said at least one of the sectors. Such assets can be at least 
one of data and executable software code. In the case of executable code, invoking the 
25 filename can, in certain device arrangements, also cause execution of the corresponding code. 
The inventor has appreciated that it is desirable to employ different keys for different parts of 
the file in a manner not supported in contemporary Digital Rights Management (DKM). 
Moreover, the inventor proposes to use, for example within contemporary Universal Disk 
Format (UDF), overlapping allocation descriptors (AD) to define multiple access keys for 
30 one or more files. 

In order to fiirther elucidate an embodiment of the present invention, reference 
will now be made to Fig. 1 . In Fig. 1, & part of a data medium is indicated generally by 10. 
The medium 10 includes a data region 20. The data region 20 has recorded thereon, for 
exainple magnetically and/or optically, a master file (MF) having sub-files SFl and SF2. The 
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sub-jQles SFl and SF2 occupy mutually different regions of the master file MF and are 
tlierefore mutually non-overlapping. However, both of the sub-files SFl and SF2 overlap the 
master file MF as illustrated. Moreover, the master file MF optionally also includes a sub-file 
SF3 lying within the master file MF and encompassing the sub-file SFl; for exanxple, the 
S sub-file SF3 may be an executable piece of sofiwaie using subroutines present in the sub-file 
SF2. 

Other sub-file airang^ents are also possible, for example the mast^ file MF 
optionally also includes a sub-file SF4 lying within the master file MF and encompassing the 
sub-file SFl and a portion of the sub-file SF2; for example, the sub-file SF4 is executable 

10 soflware using all subroutines of the sub-file SFl and a sub-set of subroutines included in the 
sub-fUe SF2. Other master-file/sub-file configurations exist, for exaxxxplo a sub-file SFS 
comprises a portion of the master file MF and a data field extending beyond the master file 
MF; such an arrangement is potentially of advantage to confiise hackers vAio expect the 
master file MF to be the extent of the executable soflware in question. Moreover, another 

IS exan^le is where a sub-file SF6 shown encompasses the sub-field SF2, a portion of the 
master field MF and a data field extending beyond the master fiOle MF. 

The master file MF has an associate allocation descriptor ADO defining a start 
address (S A) and a file length (FL) within the data region 20, namely the descriptor ADO is 
expressible as: 

20 ADO[SA,FL] 

The master file MF and the sub-files SFl to SF6, for example, have associated 
allocation descriptors as provided in Table 1 . 



Table 1: 



File 


Start address (SA) 


End address 


File length (FL) 


MF(ADO) 


12800 


25600 


12800 


SFl (ADl) 


17600 


19200 


1600 


SF2 (AD2) 


20800 


24000 


3200 


SFS (ADS) 


ISOOO 


19500 


4500 


SF4 (AD4) 


15100 


22000 


6900 


SFS (ADS) 


2S000 


26000 


1000 


SF6 (AD6) 


20500 


26500 


6000 



25 
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It will be appiedated that Table 1 is an illustcative example of various ways in 
which the master file MP and its associated sub-files SFl to SF6 can overlap. Other 
configurations of overlap of the master file MF and its sub-files are possible. 

The inventor has £q)preciated that overlapping allocation descriptors would not 
5 be regarded in the state of the art as desirable because such overlapping of sub-files is broken 
or disturbed when files are moved witibdn a data canying medium, for example within the 
medium 10. However, such disturbance is susceptible to being used to benefit because it is 
capable of preventing unauthorized copying of data content as relocation potentially renders 
such data content unusable unless an authenticated application capable of correctiy relocating 

10 the data content and updating the fiOLe references is utilized. 

Thus, an arrangement of the master file MF and its associated sub-files SFl to 
SF6 offers a possibility of having multiple access keys, especially when one or more of the 
sub-files SFl to SF6 are encrypted but yet accessible by using associated encryption access 
keys. Such access will be desoibed in more detail later. 

15 The use of master files including sub-files wherein each sub-file has an 

associated allocation descriptor invocable using a corresponding filename is especially 
appropriate for highly compact electronic data memories for portable electronic apparatus 
such as mobile telephones. For example. Philips N.V. in the Netherlands, as reported at an 
exhibition "Ceatec 2002" held in Japan, has recentiy developed a memory optical disc drive 

20 susceptible to replacing solid-state memory cards. The disc drive is known in the art as a 
small form fector optical storage, namely "SFFO" or Portable Blue (PB). In Philips N.V.'s 
prototype drive, one or more data-storage optical discs are employed, each disc having a 
diameter in the order of substantially 30 mm and being capable of storing 1 Gbyte of data 
content 

25 Philips N.V-'s Portable Blue (PB), also known as SFFO, is based on blue laser 

technology and is anticipated to replace DVD-ROM products in the next few years. Blue 
lasers have a shorter wavelength than red lasers conventionally employed to read 
conteinporary DVD-ROMs and CD-ROMs, thus the use of blue lasers enables less space to 
be utilized to store a given quantity of data. Presenfly, Philips N. V.'s blue-laser memory disc 

30 drives are capable of squeezing 1 Gbyte of data content, namely approximately 50% more 

data than in a conventional CD-ROM, onto a miniature disc whose diameter is comparable to 
that of a contemporary Euro coin. 

The principle of the master £Dle MF and its associated sub-files SFl to SF6 as 
described in the foregoing is of potential benefit in rendering data content in the form of 
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executable software code which is more tamper resistant. Hitherto, the inventor has 
appreciated lhat there has been an absence of dejSnite solutions to Hie problem of making 
software tamper resistant Present solutions to protect against tampering of executable 
software do not allow for "fine grain" control of ^ecutable software ftinctionalily. Most 
5 contemporary approaches rely on a sophisticated digital rights manag^ent 0>RM) ^iproach 
which focuses on content encryption of a data-content master file as a whole. In general, the 
inventor has found that contemporary copy control and systems employing the 
aforementioned DRM exhibit dramatically reduced flexibility in order to enhance data 
content security, for example against tanq)ering, such inflexibility constituting a technical 

10 problem >A^ch the present invention seeks to address. 

The inventor has proposed that data content, for example executable software, 
is susceptible to being protected at a contrat-recipient side, in contradistinction to a 
corresponding content-supplying side, by incremental decryption using one or more access 
keys supplied over one or more secure live communication connections. Beneficially, the one 

15 or more access keys are provided from a data server. Advantageously, the recipient side is a 
user having a mobile telephone provided with the aforemCTtioned SFFO data storage drive. 
Such soflware provided from the content-supplying side is preferably stored at tiie content- 
recipient side in the aforementioned master file MF having associated therewith a plurality of 
sub-files each having its specific associated encryption access key and filename. 

20 Jn operation, data content in the form of executable soflware is either supplied 

with the aforesaid mobile telephone pre-stored in its SFFO drive or downloaded ftom a data 
content data source, for example a data server, into the SFFO drive. In a situation where the 
data content is dormant in the SFFO drive, the data content is capable of being activated by 
receipt of appropriate access encryption keys to de-encrypt the content in incremental stqps 

25 relating to its encrypted individual sub-files as described in the foregoing. In a situation 

where data content is downloaded from a server, the data content is arranged so that it forms 
at least one master file having a file name with associated sub-files each having 
corresponding file names and at least a sub-set of the sub-files each being encrypted; 
subsequentiy, decryption keys are susceptible to being downloaded from either the same 

30 server as the data content and/or another server so as to render the downloaded soflware 

operable on the telephone. The decryption keys are susceptible to being time-limited in effect 
and/or released in response to payment of a license fee; for example, the downloaded data 
content can be soflware which is executable to provide motion image presentation on a 
screen of a mobile telephone in response to payment causing downloading of a subscription 



1 
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key for activating the downloaded software. Preferably, the subscription key corresponds to a 
sequence of graded keys relating to sub-fields of the downloaded software which are 
addressable as a whole by a master filename and whose sub-files are addressable by way of 
sub-file filenames. Relocation and/or copying of tibe downloaded software firom the mobile 
5 telephone resulting in redistribution of tiie soflware, for example fiagmentation when copied 
over to olher storage devices, is then susceptible to causing the sofiware not to function, 
thereby acting as a deterrent to sofiware hacking. 

hx order to further elucidate the present invention, an embodiment of the 
invention will now be described in more detail with reference to Fig. 2. 

10 In Fig. 2, there is shown a communication network indicated generally by 1 00. 

The network 100 comprises a mobile telephone device 110 together wilh optionally one or 
more similar telephone device (OTLF) indicated by 120. The network 100 further comprises 
a network infirastructure indicated generally by 130 comprising distributed transmission 
infrastructure (CS) 150; for example, the transmission infi:astructure 150 comprises radio 

15 masts, optical fibre communication links and signal switehing apparatus such as DWDM 
routers. The infrastructure 130 includes at least one server, for example a server (SVR) 140 
having an associated data storage device 145; the storage device 145 is arranged to store a 
variety of types of data, for example decryption keys, access keys, user accounts and 
registration details as well as executable application software, information. 

20 The tel^hone device 110 includes an exterior enclosure 200 for protection, 

for example a plastic shell manufactured from injection-moulded plastics material. Moreover, 
the device 1 10 further comprises a radio transceiver module 210 coupled to a patoh antenna 
and/or stub antenna 220 operable to provide radio communication with the distributed 
transmission infrastructure (CS) 150. The device 1 10 also includes a microprocessor (uP) 230 

25 coupled to a user-operable key pad (KY) 240, for example for entering standard messaging 
system (SMS) text; telephone numbers and similar types of data as well as selecting user 
options as described later. The microprocessor 230 is further coimected to a miniature loud- 
speaker 250, a miniature microphone 260, a miniature liquid crystal display (DSP) 270 and a 
storage device (MEM) 280 implemented by way of the aforementioned SFFO optical drive. 

30 Moreover, the device 110 includes an internal source of power (BATT) 290, for example in 
the form of a lithium and/or metal halide rechargeable battery. 

In operation, the storage device 280 has executable cyperating system software 
loaded tiiere onto for enabling the device 1 10 to communicate with the transmission 
infrastructure 150 and, when required, with the server 140. A user of the device 110 is 
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thereby capable of communicating with one or more of the similar telephone devices 120 
and/or accessing data or writing data to the server 140, for example electronic instructions to 
pay invoices and entering telephone user details. 

A software application developer has created a navigation system for use witii 
5 Ihe device 110. The system is iniplemented, at least in part^ as executable qiplication 

software which the microprocessor 230 of the device 1 10 is capable of executing and which 
is enable of being stored in the storage device 280. The software application comprises a 
relatively large database of maps and an executable part which is partially encrypted, namely 
the executable part is inqplemented as a master file including a plurality of sub-files of "vtiiich 
10 a subset is raoypted, pre&rably by way of a plurality of mutually different access decryption 
hsys. 

The application software providing the navigation S3rstem is published as a 
SFFO disc which is given away fi<ee to users, the disc being user ins^rtable into tiie storage 
device (MEM) 280 of the telephone device 110. The user of the device 1 10 is able to insert 

IS tiie free SFFO disc into the storage device 280 and thereafter browse for fi:ee the 

afor^entioned relatively large database of m^s. However, in order to search the database 
for a specific address or to plan a route, the user of the device 110 has to pay for such 
privilege. The payment can be in tiie form of a cash transaction via a connecting server 
coupled to the infiastructuie 150 and/or a forced delay of a searching result fixim the 

20 aforementioned database of maps whilst the user of tiie device 1 10 is presented witii an 

advertisement on the display 270. The advertisement can, for example, be based on a location 
which the user of the device 1 10 wishes to visit and/or access, for exaniple a nearest pizza 
parlour or hamburger restaurant. 

When the user has installed the free SFFO disc into the device 110, for 

25 example as illustrated in Fig. 3, and commences execution of the software application, all 
options potentially provided by the application are presented on the display 270 to the user 
and/or acoustically via the loudspeaker 250 to the user, for example options of invoking one 
or more of browsing and route planning. If the user selects using the key pad 240 to browse 
the maps on the SFFO disc, activity associated therewith is local to the device 110 and does 

30 not invoke communication with the infrastructure 150 and its associated server 140. Only that 
part of executable software included on the SFFO disc which is unencrypted will be used in 
such a local free browsing mode of operation. As soon as the user selects an option of the 
software q)plication presented on the display 270 which is not free, namely corresponds to 
executable software sub-files on the fi:ee SFFO disc in encrypted form, the user is presented 
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initially "with a warning on fhe display 270 that the use of fhe selected option will invoke a 
portion of tiie application software which is not firee. Pre&rahly, in such a situation, the user 
of the device 1 10 is presented on the display 270 with a price list for different encrypted 
options on tiie SFFO disc and/or different payment models. The user is then able to abort an 
S action just performed to invoke non-fiee options, or choose a task presented and/or one or 
more of the payment models. Alternatively, the user can choose, for exaniple using the key 
pad 240, not to be confronted with such a warning at all, or not any mor^ by selecting 
corresponding options in a configuration menu presented on the display 270. In a situation 
where Ifae user of Ifae device 110 has taken a subscription with tiie provider of the free SFFO 

10 disc, the device 1 10 can be arranged not to present such a warning to the user, fbr exanq)l6 by 
Ihe device 1 10 interrogating the server 140 via tiie infrastructure 150. 

Thus, if the user selects a task or option of tiie display 270 which is not free, 
the software application executing in the microprocessor 230 will contact the server 140 by 
way of tiie transcdver 210 and its antenna 220 in conjunction with tiie infrastmcture ISO. 

15 When contacted, Ifae server 140 is operable to relate a telephone number of the device 1 10 
witii an active corresponding subscription registered on tiie server 140; if an association is 
found, namely the user has paid such a subscription, the server 140 checks that the option 
selected by the user is compatible with allowed options addressed by the subscription. When 
the server 140 identifies that the user is entitied to use the option selected at the key pad 240, 

20 an access key required by the microprocessor 230 to decrypt an encrypted sub-file of the 
software application on the free SFFO disc is communicated via a secure authenticated 
communication chamel which the software application executing on the microprocessor 230 
of the device 1 10 is capable of establishing from the device 1 10 to the server 140. 
Establishment of the authenticated communication channel optionally utilizes security 

25 measures such as private-public key encoding procedures as known in the art. 

When the user selects a non-free option when executing the software 
application on the device 110, the decryption key sent from the server 140 via the established 
authenticated channel to the device 1 10 is preferably time limited so that software sub-files 
loaded into the device 110 from the free SFFO disc are decrypted for immediate executing 

30 and then any trace of the key in the device 1 10 is erased or destroyed to reduce a risk of 

hacking occurring. In view of the transient occurrence of the key in the device 1 10, it is more 
difficult for a hacker to gain access to the key in comparison to a key stored permanentiy on 
the device 1 10, for example in solid-state non-volatile memory associated with the 
microprocessor 230. 
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Paid for functionality in the device 110 associated with encrypted sub-files 
which are selectively deciypted using down-loaded decryption keys firom the server 140 in 
return for payment may be rendered available in the device 1 10 until the {plication software 
exits its execution, for example the user switches off the device 1 10. Alternatively, the paid 
5 for fiinctionality may be time limited such that the deccyption key effectively expires in the 
device 110. Yet alternatively, the paid for functionality may be arranged to expire after a 
predetermined number of route searching results having been presented on the display 270 to 
the user. 

As elucidated in the foregoing, the software application providing navigation 

10 ftmctionality in the device 10 includes executable code subdivided in sub-sections in tiie form 
of sub-files SF as described earlier with reference to Fig. 1; namely, on the fiiee SFFO disc, 
the sub-files can be included in the master file MF and can be either adjacent or overlq>ping 
as appropriate, for example in a manner as illustrated in Fig. 1 . Moreover, to make it 
extremely difficult for hackers, certain sub-files on the SFFO disc can lie partially within a 

1 5 master MF region of the disc and partiy beyond. Thus, by subdividing the application 
software code on the SFFO disc into sub-files, each sub-file being provided vdth its 
corresponding sub-file name, and using mutually different encryption keys for protecting the 
sub-files against hackers, and also arranging for executable software code associated with the 
sub-files to be configured to execute in sequence, it is possible to ensure that single execution 

20 of the sofiware application is assured. 

For example, executable software code in the sub-file SFl that enables the 
user to select a geographical route to be calculated may be deciypted firstiy in the device 110, 
after which its associated first decryption key securely communicated via an authenticated 
channel from the server 140 to the device 1 10 is destroyed. After the calculation of the 

25 geographical route is completed using sofiware in the sub-file SFl on the free SFFO disc, a 
different second decryption key is sent from the server 140 via the authenticated 
communication channel to the device 1 10 for use in decrypting executable software in the 
sub-file SF2 recorded on the free SFFO disc, the software of the sub-file SF2 being usable in 
the device 1 10 for receiving the calculated results of the route and formatting them in a form 

30 suitable for presentation on the display 270; after displaying the results, the second 
decryption key is destroyed in the device 110. 

Preferably, the disc drive 280 of the device 1 10 is configured to be able to 
recognize whether a SFFO disc inserted into the drive 280 is a read-only (RO) SFFO disc or 
a writable SFFO disc (R/RW). By such configuration of the device 1 10, it is possible to 



PHNL031510EPP 



13 19.12^003 
reduce a risk of a hacker being able to gain unauthorized access to data content on the free 
SFFOdisc. 

It will be appreciated that embodiments of the invention described in the 
foregoing are susceptible to being modified without departing from the scope of Ifae 
5 invention. 

When describing embodiments of the invention in the foregoing, and also with 
regard to the accompanying claims, expressions such as "comprise", "include", "incorporate", 
"contain", "is", "have" are intended to be constmed non-exclusively, namely allowing for 
other items and/or components not GxpUdily named to be also present 
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CLAIMS: 



1. A method of accessing and/or recording data content in a storage device (280)» 
including the steps of: 

(a) arranging for the data content on a data storage medium (10) of the device to 
be a master file (MF) having an associated file name for identifying an address range for 

S locating and subsequently accessing and/or recording said master file on the medium; 

(b) arranging for the master file to include substantially within its address range at 
least one sub-file (SF1-SF6) having an associated file name for identifying an address range 
for locating and accessing and/or recording Hie sub-file on tiie medium; and 

(c) at least one of reading data content fix>m and writing data content to at least 
10 one of die master file and the at least one sub-file using Iheir associated file names. 

2. A method according to claim 1, wherein lliere is a pluralily of sub-fiUies 
arranged to be mutually non-overlapping. 

IS 3. A method according to claim 1, wherein tiiere is a pluralily of sub-files of 

which a siib-set thereof is arranged to be mutually overlapping. 

4. A method accordiag to claim 1, whereiu at least a sub-set of the at least one 
sub-file is in encrypted fomx 

20 

5. A method according to claim 4, wherein the device is operable to access in 
sequence the sub-set of the at least one sub-file in enoypted form using corresponding 
decryption access keys. 

25 6. A method according to claim 5, wherein the decryption keys are provided to 

the device firom data serving means via at least one authenticated communication channel. 
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7. A method accoiding to claim 6, wherein the at least one authenticated 

communication channel is established between the device and said one or more remote data 
servers (140) using private-public key encryption. 

S 8. A method according to claim 6, wherein the storage device is operable to 

establish said at least one authenticated channel willi said data serving means for obtaining 
one or more decryption keys. 

9. A method according to claim 5, wherein the device is airanged to destroy said 
10 at least one of the decryption keys received at the device after at least one of: 

(a) a pie-determined time duration after receqit of the at least one key at the 
device; and 

(b) substantially immediately after its corresponding sub-file has been decrypted 
within the device for executing thereof 

15 

10. A m^od accoiding to claim 1, wherein the data storage medium is arranged 
to be detachable from the storage device. 

11. A method according to claim 10, wherein the storage medium is a miniature 
20 optical data storage disc, more preferably a SFFO disc. 

12. A method according to claim 1 , wherein the data content is arranged to 
correspond to executable software code included within the master file, wherein the sub-files 
correspond to user-selectable options. 

25 

13. A method according to claim 12, wherein those sub-files included within the 
master file which are encrypted correspond to user-selectable software options accessible for 
execution to response to user-payment. 

30 14. A method according to claim 1, wherein the storage device is included as a 

part of a mobile telq)hone apparatus (1 10) couplable to a communication network. 
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IS. A metiiod according to claim 14, wherein fhe data content stored in the master 

jBle of the storage device is at least one of pre-recorded onto the storage medium and 
downloaded from said communication network. 

5 16. A data storage device, including a data storage medium (1 0) arranged to bear 

data content thereon as a master file (MF) having an associated file name for identifying an 
address range for locating and subsequently accessing and/or recording said master file on 
the medium, the master file including substantially within its address range at least one sub- 
file having an associated file name for identifying an address range for locating and accessing 
10 and/or recording the sub-file (SFl -SF6) on fhe medium, the device being arranged such that 
at least one of reading data content from and writing data content to at least one of the noaster 
file and the at least one sub-file is &cilitated by using their associated file names. 
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ABSTRACT: 



There is provided a data storage device (110, 280). The device (110, 280) is 
distinguished in that it includes a data storage medium (280, SFFO) arranged to bear data 
content thereon as a master file (MF) having an associated file name (ADO) for identifying an 
address range for locating and subsequently accessing and/or recording said master file (MF) 
5 on the medium (280, SFFO), the master file (MF) including substantially within its address 
range at least one sub-file (SF) having an associated file name for identifying an address 
range for locating and accessing and/or recording the sub-file (SF) on the medium (280, 
SFFO), the device (110, 280) being arranged such that at least one of reading data content 
from and writing data content to at least one of the master file (MF) and the at least one sub- 
10 file (SF) is facilitated by using their associated file names. 



Fig, 2 



PHNIJ031510 



2/3 




PHNL031510 



3/3 




240 



Fig. 3 



PCT/IB2004/052625 



This Page is Inserted by IFW Indexing and Scanning 
Operations and is not part of the Official Record 

BEST AVAILABLE IMAGES 

Defective images within this document are accurate representations of the original 
documents submitted by the appHcant. 

Defects in the images include but are not limited to the items checked: 

pfBLACK BORDERS , 

□ IMAGE CUT OFF AT TOP, BOTTOM OR SIDES 

□ FADED TEXT OR DRAWING 

□ BLURRED OR ILLEGIBLE TEXT OR DRAWING 

□ SKEWED/SLANTED IMAGES 

^3^LOR OR BLACK AND WHITE PHOTOGRAPHS 

□ GRAY SCALE DOCUMENTS , 

□ LINES OR MARKS ON ORIGINAL DOCUMENT 

□ REFERENCE(S) OR EXHIBIT(S) SUBMITTED ARE POOR QUALITY 

□ OTHER: 

IMAGES ARE BEST AVAILABLE COPY. 
As rescanning these documents will not correct the image 
problems checked, please do not report these problems to 
the IFW Image Problem Mailbox. 



